Hatch IT Remote (USA) Full-time

Hatch I.T. is partnering with Socially Determined to find an AWS Network and DevOps Engineer. See details below:
About the Role
Socially Determined is seeking an Amazon Web Services Network and DevSecOps Engineer to join their Technical Solutions Group (TSG). This role will drive industry and regulatory security best practices and requirements into the network design, implementation, ongoing management, and regular review and verification cycles of the company. This hands-on AWS role will create Terraform Infrastructure as Code (IaC) artifacts to create, modify, and update all aspects of their multiple AWS accounts spanning multiple US regions. The role will drive secure data management strategies forward, implementing data lake storage designs and security models, and designing secure approaches for adopting new data management tools, including Databricks and other big data approaches. This role will manage identity and access controls across accounts, roles and policies to ensure employees and approved contractors are granted least privilege access to data and services needed to fulfill their roles.
The Amazon Web Services Network and DevSecOps Engineer must lead efforts to establish secure mechanisms for application development, data science, analytic, and compliance teams to access and process HIPAA-regulated protected health information (PHI) data. This role will define, implement and manage AWS security groups, Network Access Control Lists (NACLs), IAM roles, Key Management Service (KMS) roles, S3 bucket policies, VPC subnets, route tables, transit gateways, and other infrastructure services to enable multiple teams to securely access appropriate resources using a zero-trust, least privilege security posture.
This role will work extensively with GitHub and multiple repositories containing Terraform IaC configurations, leading code branching, merging, and pull request activities across multiple teams. Adjustments to security permissions through roles and policies will be performed through disciplined build and deployment activities coordinated with the application development and security management functions of the company.
The role is designed to be a remote work-from-home position.
Socially Determined offers a competitive salary and benefits package. They are an equal opportunity and affirmative action employer M/F/Disability/Veteran.

What You’ll Do

  • Perform daily management of all AWS network infrastructure services, including identity and authentication, role-based and policy-based permissions, network routing and partitioning, and security group management through Terraform IaC best practices
  • Support application development and data science teams in ensuring secure access to regulated data is implemented per our Information Security Management Plan
  • Participate in regular, ongoing infrastructure security reviews, access control reviews, and audit reviews to ensure HIPAA regulatory compliance with network services and data
  • Create new AWS network infrastructure components and services to support secure implementation of Databricks and other big data analytic tools
  • Create new repository branches for Terraform code, create pull requests for new work, and work with the application development team to merge and deploy new builds
  • Support end user tool requests and troubleshooting of access challenges reported by all teams

What You’ll Need

  • Bachelor’s degree in a related field or equivalent experience
  • AWS DevOps Certification, or other equivalent certification in AWS demonstrating proficiency
  • Experience designing, implementing and managing complex AWS account network structures
  • Hands-on experience creating, testing, and applying Terraform IaC using GitHub and build procedures
  • Deep expertise in AWS IAM security model, roles, policies, and securing data and services
  • Deep expertise in AWS VPC, Transit Gateway, network subnets, routing tables, security groups, and multi-region, multi-account secure networking
  • Experience in Healthcare using PHI data preferred
  • Experience with regulated industry data, including banking or other sensitive data a plus
  • Direct experience leading secure Databricks design and implementation a plus
  • Understanding of trends in the field and their potential impact on our company and clients
  • Demonstrated leadership capabilities and high performance in prior roles
  • Desire to support individuals on the team through mentorship
  • Strong problem-solving initiative and personal accountability to the team
  • Ability to think critically, identify issues, and proactively propose solutions
  • Willingness to work in a fast-paced, team-oriented start-up environment